Abstract | ||
---|---|---|
Web servers such as Apache and web proxies like Squid support event logging using a common log format. The logs produced using these de-facto standard formats are invaluable to system administrators for troubleshooting a server and tool writers to craft tools that mine the log files and produce reports and trends. The Session Initiation Protocol (SIP) does not have a common log format, and as a result, each server supports a distinct log format. This plethora of formats discourages the creation of common tools. Whilst SIP is similar to HTTP, there are a number of fundamental differences between a session-mode protocol and a stateless request-response protocol. We propose a common log file format for SIP servers that can be used uniformly by proxies, registrars, redirect servers as well as back-to-back user agents. Such a canonical file can be used to train anomaly detection systems and feed events into a security event management system. |
Year | Venue | Keywords |
---|---|---|
2010 | SLAML | common log format,Whilst SIP,anomaly detection system,SIP server,de-facto standard format,SIP CLF,session initiation protocol,Squid support event,common tool,common log file format,distinct log format,log file |
DocType | Citations | PageRank |
Conference | 0 | 0.34 |
References | Authors | |
5 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Vijay K. Gurbani | 1 | 278 | 34.36 |
Eric Burger | 2 | 0 | 4.39 |
Carol Davids | 3 | 13 | 3.96 |
Tricha Anjali | 4 | 151 | 17.13 |